Solved

PowerShell: Error provisoning a user for Office Communicator 2007 R2 (Using SET-QADUser)

Posted on 2011-02-21
8
1,614 Views
Last Modified: 2013-11-29
I'm getting the following error when I attempt to use Quest SET-QADUser to provision a user for OCS 2007 R2 support.

I get that the SET-QADUser is in the example below is modifying the user account attributes directly, but I'm confused as to why the command is failing.

The server I'm pointing to is the Office Communicator 2007 R2 server...

Set-QADUser : A constraint violation occurred.

At \\<network path erased>\NewUserCreationV1_1.ps1:530 char:13

+     set-qaduser <<<<  -identity $strSamAccountName -oa @{'msRTCSIP-UserEnabled'=$true;'msRTCSIP-PrimaryHomeServer'='CN=OCServer1,CN=Live Communicator,CN=Member Servers,CN=Servers,DC=humpty,DC=dumpty,DC=com';'msRTCSIP-PrimaryUserAddress'=("sip:" + $strMailAddress );'msRTCSIP-OptionFlags'=256;'msRTCSIP-InternetAccessEnabled'=$true}

    + CategoryInfo          : NotSpecified: (:) [Set-QADUser], DirectoryServicesCOMException

    + FullyQualifiedErrorId : System.DirectoryServices.DirectoryServicesCOMException,Quest.Act
   iveRoles.ArsPowerShellSnapIn.Powershell.Cmdlets.SetUserCmdlet


Any thoughts?

I don't see any options on Experts Exchange for OCS 2007 (or any OCS / Lync platform for that matter), so I'm placing this in PowerShell and AD.

GB
0
Comment
Question by:gerhardub
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 34942704

They both sit until LCS (Live Communications Server), which is a tad out of date these days.

Anyway, I think this is the problem:

msRTCSIP-PrimaryHomeServer

I believe this should be a reference to the Pool under the Configuration Naming Context, not the server itself in the Domain context.

Chris
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 34942719

And just for reference, the topic area path is:

OS / Microsoft OS / MS Server OS / Microsoft LCS

Chris
0
 
LVL 1

Author Comment

by:gerhardub
ID: 34943296
You rock... searching just did not find OCS, Lync, or LCS...

A pool eh?  Humph... I just not really familiar with LCS to know what to look for in AD... (Assuming I look in AD for the pool?  ...or is it the container were the OCS server resides?, etc.)

GB
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 34943412

Can you copy it from someone who is already activated on the system?

I forget exactly what it looks like for OCS (upgraded ours to Lync), but it will be named after the server for Standard Edition. And it'll be under this if I remember correctly:

CN=Pools,CN=RTC Service,CN=Services,CN=Configuration,DC=domain,DC=com

If not that, you might check that proxyAddresses already contains the SIP address, not sure if it validates that at all, or if it just figures itself out.

Upgrade to Lync, Enable-CsUser is easier :)

Chris
0
 
LVL 1

Author Comment

by:gerhardub
ID: 34944299
Ok,

So this is what I needed to do to get it to work, and it did work:

set-qaduser -identity $strSamAccountName -oa @{'msRTCSIP-UserEnabled'=$true;'msRTCSIP-primaryHomeServer'='CN=LC Services,CN=Microsoft,CN=<LCS Server>,CN=Pools,CN=RTC Service,CN=Microsoft,CN=System,DC=<company>,DC=com';'msRTCSIP-PrimaryUserAddress'=("sip:" + $strMailAddress );'msRTCSIP-OptionFlags'=256;'msRTCSIP-InternetAccessEnabled'=$true}

What I find confusing is that none of the contructs are visible in AD as OUs.  E.g. pools.RTC Service.Microsoft.System... etc.

Using the format above causes everything to work without issue... the only configuration difference I need to fix is that the "Allow Remote Access" attribute is set to $true.

But the code about will provision an OCS account and it does work!

GB
1
 
LVL 71

Expert Comment

by:Chris Dent
ID: 34944315

> What I find confusing is that none of the contructs are visible in AD as OUs.  E.g. pools.RTC Service.Microsoft.System... etc.

They are, just not in AD Users and Computers. If you fire up ADSI Edit you can access the Configuration naming context, it's an entirely separate partition of AD.

Chris
0
 
LVL 1

Author Comment

by:gerhardub
ID: 34944709
Roger... thanks!
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In previous parts of this Nano Server deployment series, we learned how to create, deploy and configure Nano Server as a Hyper-V host. In this part, we will look for a clustering option. We will create a Hyper-V cluster of 3 Nano Server host nodes w…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question